mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 17:34:18 +03:00
NEWS: mention CVE-2020-25637 in v6.8.0 release notes
Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
parent
c1f3a628d0
commit
fdb6a5d79e
8
NEWS.rst
8
NEWS.rst
@ -27,6 +27,14 @@ v6.9.0 (unreleased)
|
||||
v6.8.0 (2020-10-01)
|
||||
===================
|
||||
|
||||
* **Security**
|
||||
|
||||
* qemu: double free in qemuAgentGetInterfaces() in qemu_agent.c
|
||||
|
||||
Clients connecting to the read-write socket with limited ACL permissions
|
||||
may be able to crash the libvirt daemon, resulting in a denial of service,
|
||||
or potentially escalate their privileges on the system. CVE-2020-25637.
|
||||
|
||||
* **New features**
|
||||
|
||||
* xen: Add ``writeFiltering`` attribute for PCI devices
|
||||
|
Loading…
Reference in New Issue
Block a user